Trust

Trust, documented.

Compliance posture, audits, BAAs, and uptime — in one place, kept current. If a credential is in progress, we say so.

Compliance posture

Where we stand today.

HIPAA

HIPAA-aligned

BAA signed with every pharmacy. Encryption at rest and in transit.

EPCS

Certification in progress

EPCS-ready architecture. Drummond certification engaged.

SOC 2

Audit in progress

Type II underway. Quarterly reviews planned.

Data residency

US only

All pharmacy and patient data stored in the United States.

Business Associate Agreement

Our BAA.

We sign a BAA before any protected health information moves. Read our standard BAA template, or ask Cassie to walk you through it.

View BAA template →

Uptime & status

Uptime and status.

Our status page reports live system health and incident history. It goes live alongside the SOC 2 report.

View status page →

Audits & records

Audit-ready, every day.

Every agent action is logged with a timestamp and an approver. OOS, CAPA, and vendor-qualification records are maintained continuously, so an audit is a query, not a fire drill.

Responsible AI

How our agents are governed.

Agents operate inside a narrow scope with a confidence threshold and a human checkpoint. Cassie discloses that she is an AI agent when asked, and never claims to be a licensed pharmacist or to give clinical advice.